<?php
include_once ('class.mssql.php');

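/**
 * Handles a user-registration form post.
 *
 * The constructor snapshots the relevant $_POST fields, process() checks the
 * anti-CSRF token against the session and that the e-mail is not already
 * registered, and register() inserts the row into the `users` table through
 * the project's MSSQL wrapper.
 *
 * Security notes for maintainers:
 *  - Every request value is untrusted. The MSSQL wrapper is only seen here
 *    taking a finished SQL string, so string values are escaped for a T-SQL
 *    literal and numeric values are validated as integers before they are
 *    interpolated. Bound parameters would be the preferred fix if the wrapper
 *    supports them (not visible from this file).
 *  - NOTE(review): the password is stored as an unsalted MD5 digest. MD5 is
 *    not suitable for password storage; moving to password_hash() /
 *    password_verify() needs a coordinated change to the login code and the
 *    `passwmd5` column, neither of which is visible here, so the stored format
 *    is left unchanged.
 *  - NOTE(review): `access_level` is taken from the request. Confirm that only
 *    callers authorised to assign an access level can reach this code.
 */
class RegisterUser
{
    private $comtec_id_mainteiner;

    private $name;
    private $lastname1;
    private $lastname2;
    private $phone;
    private $email;
    private $position;
    private $password;
    private $passwmd5;
    private $access_level;
    private $status_reg;

    // Accumulated user-facing error messages; empty means "no error so far".
    private $errors;
    // Anti-CSRF token as submitted with the form.
    private $token;

    /**
     * Captures the submitted form fields from $_POST.
     *
     * Missing or non-string fields (e.g. `name[]=x`) are treated as empty
     * strings so that later string handling never receives null or an array.
     */
    public function __construct()
    {
        $this->errors   = array();

        $this->comtec_id_mainteiner = $this->post_string('comtec_id_mainteiner');

        $this->name         = $this->post_string('name');
        $this->lastname1    = $this->post_string('lastname1');
        $this->lastname2    = $this->post_string('lastname2');
        $this->phone        = $this->post_string('phone');
        $this->email        = strtolower($this->post_string('email'));
        $this->position     = $this->post_string('position');
        // NOTE(review): filter() silently drops every character outside
        // [a-zA-Z0-9@.] from the password, which shrinks the key space.
        // Presumably the login path applies the same filter - confirm before
        // changing it.
        $this->password     = $this->filter($this->post_string('password'));
        // NOTE(review): unsalted MD5; see the class-level note.
        $this->passwmd5     = md5($this->password);
        $this->access_level = $this->post_string('access_level');
        $this->status_reg   = 1;

        $this->token    = $this->post_string('token');
    }

    /**
     * Runs the whole registration: token check, data check, then the insert.
     *
     * @return int 1 when no error was recorded, 0 otherwise.
     */
    public function process()
    {
        if ($this->valid_token() && $this->valid_data()) {
            $this->register();
        }

        return count($this->errors) ? 0 : 1;
    }

    /**
     * Removes every character that is not an ASCII letter, digit, '@' or '.'.
     *
     * @param string $var
     * @return string
     */
    public function filter($var)
    {
        return preg_replace('/[^a-zA-Z0-9@.]/', '', $var);
    }

    /**
     * Removes every character that is not a digit or '+'.
     *
     * @param string $var
     * @return string
     */
    public function filter_num($var)
    {
        return preg_replace('/[^0-9+]/', '', $var);
    }

    /**
     * Inserts the user row. Records an error instead of querying when the
     * numeric fields are not integers, and when the insert affects no row.
     */
    public function register()
    {
        // These two values are placed unquoted in the statement, so they must
        // be real integers before any SQL is built.
        $maintainer = $this->to_int($this->comtec_id_mainteiner);
        $level      = $this->to_int($this->access_level);
        if ($maintainer === null || $level === null) {
            $this->errors[] = 'Datos de registro inv&aacute;lidos';
            return;
        }
        $status = (int) $this->status_reg;

        $name      = $this->sql_escape($this->name);
        $lastname1 = $this->sql_escape($this->lastname1);
        $lastname2 = $this->sql_escape($this->lastname2);
        $phone     = $this->sql_escape($this->phone);
        $email     = $this->sql_escape($this->email);
        $position  = $this->sql_escape($this->position);
        $passwmd5  = $this->sql_escape($this->passwmd5);

        $db = new MSSQL();

        $stmt = $db->query("INSERT INTO users (
            comtec_id_mainteiner,
            name,
            lastname1,
            lastname2,
            phone,
            email,
            position,
            passwmd5,
            access_level,
            status_reg
        ) VALUES (
            {$maintainer},
            '{$name}',
            '{$lastname1}',
            '{$lastname2}',
            '{$phone}',
            '{$email}',
            '{$position}',
            '{$passwmd5}',
            {$level},
            {$status}
        )");

        // A failed query must count as an error rather than being handed to
        // sqlsrv_rows_affected().
        if (!$stmt || sqlsrv_rows_affected($stmt) < 1) {
            $this->errors[] = 'No se puede procesar la inscripci&oacute;n';
        }
    }

    /**
     * Tells whether a user with the submitted e-mail is already stored.
     *
     * @return int 1 when a matching row exists, 0 otherwise.
     */
    public function user_exists()
    {
        $db = new MSSQL();

        $email = $this->sql_escape($this->email);
        $data  = $db->query("SELECT comtec_id_user FROM users WHERE email = '{$email}'");

        return $db->num_rows($data) ? 1 : 0;
    }

    /**
     * Returns the recorded error messages, one per line.
     *
     * @return string
     */
    public function show_errors()
    {
        $msg = "";
        foreach ($this->errors as $value) {
            $msg .= $value . "\n";
        }
        return $msg;
    }

    /**
     * Validates the submitted data: integer fields and e-mail uniqueness.
     *
     * @return int 1 when no error was recorded, 0 otherwise.
     */
    public function valid_data()
    {
        if ($this->to_int($this->comtec_id_mainteiner) === null
            || $this->to_int($this->access_level) === null) {
            $this->errors[] = 'Datos de registro inv&aacute;lidos';
        }

        if ($this->user_exists()) {
            $this->errors[] = 'Direccion de correo electronico ya existe';
        }

        return count($this->errors) ? 0 : 1;
    }

    /**
     * Checks the submitted anti-CSRF token against the one in the session.
     *
     * The comparison is an exact, constant-time string comparison. A loose
     * `!=` treats numeric-looking strings such as '0e1' and '0e2' as equal,
     * and an empty session token must never validate a request.
     *
     * @return int 1 when no error was recorded, 0 otherwise.
     */
    public function valid_token()
    {
        // The session value is cast so that a token stored as an integer
        // still matches its string form from the form post.
        $expected = (isset($_SESSION['token']) && is_scalar($_SESSION['token']))
            ? (string) $_SESSION['token']
            : '';

        if ($expected === '' || !hash_equals($expected, (string) $this->token)) {
            $this->errors[] = 'Registro inv&aacute;lido';
        }

        return count($this->errors) ? 0 : 1;
    }

    /**
     * Reads one $_POST field as a string; absent or non-string values give ''.
     */
    private function post_string($key)
    {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    }

    /**
     * Returns the value as an int when it is a well-formed integer, else null.
     */
    private function to_int($value)
    {
        $parsed = filter_var($value, FILTER_VALIDATE_INT);
        return $parsed === false ? null : $parsed;
    }

    /**
     * Escapes a value for use inside a single-quoted T-SQL string literal by
     * doubling embedded single quotes.
     */
    private function sql_escape($value)
    {
        return str_replace("'", "''", (string) $value);
    }
}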
?>
